If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Ubuntu 9.04 Home Encryption Performance

Phoronix: Ubuntu 9.04 Home Encryption Performance

One of the exciting features that is being worked on for Ubuntu 9.04 is encrypted home directories. What this means is that at install-time for either the LiveCD or server installation (or at a point later on when creating additional user accounts), the administrator can opt to have the user's home directory encrypted. This is a step-down from the Ubuntu 7.10 install-time encryption that would encrypt the entire hard drive and just not the user's home directory, but alas, that comes with performance consequences. At the request of Canonical, we have carried out a few benchmarks showing what effect the Ubuntu 9.04 home encryption feature has on the system's overall performance.

Why was this test done on such high-performance, not-everyday hardware? How many of us have a 4 core processor in our daily drivers? As for the recommendation that notebook and netbook users should use the disk encryption, what 4-core netbooks (or even notebooks) are available at all?

I suppose that the hardware was chosen to be favorable to the tests, as the article was responsible in it's full disclosure that Canonical had requested the test. Also, Phoronix was not shy about mentioning that single- and dual-core processors would not see the same performance.

/home encryption is largely worthless without swap, /var, and /tmp encryption as well. If you encrypt anything, you may as well encrypt the entire disk. Otherwise, you're sacrificing performance for at best half-assed data protection.

What I don't understand is the hype about all these new features of Ubuntu that have been in Fedora/Red Hat for a while. Network manager, package kit, encryption are just a few examples of that. Hyping these features for Ubuntu does do justice to Fedora/Red Hat. For example: the hard work of making these examples work has mainly been done by the Fedora/Red Hat people. The fact that Ubuntu is adopting these makes them winners overall and is good for Linux as a whole.
Of course there is also work done by Ubuntu. I'm not bashing anything. Just give praise where praise is due...

I think this comparison is not simulating correctly real use of encryption scenarios. The used system is clearly desktop computer and quite powerfull one. Likely less than 5% of Ubuntu users has like this machine.

The need for encryption is much greater in laptop group where machine power and powerusage is much more limited. In one core systems the penalty off encryption would be much creater. Probalby in range of 20-50% and battery life would suffer to.

I think this comparison is not simulating correctly real use of encryption scenarios. The used system is clearly desktop computer and quite powerfull one. Likely less than 5% of Ubuntu users has like this machine.

The need for encryption is much greater in laptop group where machine power and powerusage is much more limited. In one core systems the penalty off encryption would be much creater. Probalby in range of 20-50% and battery life would suffer to.

On my Fedora 9 with AMD64 2GHz single core, the encrytion takes ~15% CPU when I read or write.

It is hard to measure the read and write performance, as the error bars are very large.

This really should be off-loaded to hardware. Didn't VIA have some crypto built-in on some of their EPIA boards? It can't be that expensive to put a basic AES cypher chip somewhere in a motherboard's SATA controller section. All that is needed, is for some of the major motherboard manufacturers and chipset makers to sit together and come up with something resembling a unified interface.